Cybersecurity Outlook 2018: More of the Same?

Take a deep breath, cybersecurity investors–2017 is almost over. 
Earlier in December, the Investing News Network (INN) reported on cybersecurity trends over the last year, which included the rising threats of cyberattacks and ransomware attacks which–unsurprisingly–are trends that aren’t going away any time soon.
In terms of overall cybercrime costs, a Cybersecurity Ventures report predicts damages will cost roughly $6 trillion by 2021 but–moving ahead–there are preventative measures that can be taken to minimize them as much as possible.  As we move out of 2017 and into 2018, INN had the opportunity to speak with industry leaders and experts about the cybersecurity outlook for 2018.

Cybersecurity outlook 2018: cyberattacks are a “people problem”

Unfortunately, the threat of cyber and ransomware attacks aren’t going anywhere. According to the Cybersecurity Ventures report, cyberattacks “are the fastest growing crime in the US” that are only growing more “in size, sophistication and cost”– and it appears as though people–more than the technology itself–are to blame, at least according to the three analysts we spoke to.
Steve Morgan, founder and editor-in-chief of Cybersecurity Ventures added to that thought, stating that the market is finally acknowledging that the threat of cyberattacks is a “people problem, not a technology problem.”
“It all boils down to a human response, more so than a technological response to … ransomware and other cyber attacks,” Morgan continued. 
Itay Glick, CEO of Votiro, echoed similar sentiments as Morgan, stating that human error will “remain the weakest link in security.”
“Organizations must have a robust process in place, ensuring that the software they use is the latest version,” Glick added.
Joe Stuntz, vice president of cybersecurity at OWI said that as it relates to the big three cyberattacks that happened in 2017–WannaCry, NotPetya and BadRabbit–they confirmed to him some of the biggest issues in security, such as not paying as much attention to detail when it comes to to the “basics.”
“With more devices, network connections, etc., the impact of an attack can be bigger than previously thought,” Stuntz said. “I hope that organizations start to understand that the security team cannot manage everything in a silo, but that the whole organization needs to develop a focus on operating safely.”

Cybersecurity outlook 2018: rising threat of attacks

With more than 6 billion people expected to use the Internet by 2022, Cybersecurity Ventures states, it’s inevitable that cybercrimes and attacks will only continue increasing.
Glick told INN that there will be a rise in “malicious attachments” particularly as it relates to Office-related files. He said these will increase because malware producers have continually proved that “they are more than capable of producing sophisticated malware” that will bypass security solutions.
“As the security industry adapts, and finds ways to detect the newly formed threats and block them, malware authors will find ways to bypass the blocks and carry on,” Glick said.
In 2017 alone, cybercrime spending cost more than $86.4 billion, according to research from Gartner, with that number expected to exceed $93 billion in 2018.  The research firm states it expects fast growth in the security testing market resulting in continued data breaches and demands for application security testing.
“Spending on emerging application security testing tools, particularly interactive application security testing, will contribute to the growth of this segment through 2021,” the firm suggests.
Other contributing factors to the growth of cyberattacks is, of course, the evolution of technology–which applies to the overarching cybersecurity industry as well.
“Cyber threats and attackers are continuing to evolve and the “threat-as-a-service” ecosystems continue to grow, so the security market is not going to slow down,” Mike Myshrall CFO of Cyren (NASDAQ:CYRN), told INN.
Guy Caspi, CEO of Deep Instinct, wrote on IoT Evolution that the cybersecurity attacks and breaches in 2017 provided insight and understanding into their ramifications, but moving ahead it will be difficult “for CSOs to stay a step ahead in 2018.”

Cybersecurity outlook 2018: taking charge

As we’ve learned, cybersecurity threats and attacks aren’t going anywhere, but there is hope moving forward that businesses and organizations will adapt proper techniques when it come to preventing them from happening in the future as best as possible.
“The next step in the security industry evolution is prevention,” said Glick. “When performed correctly, the process doesn’t waste time on detecting the threat–it simply cleans it to ensure it fits the standard, removing anything that doesn’t.”
Glick continued, stating preventative measures that can be taken in preventing attacks in the future include: thinking twice about opening an attachment and double checking to ensure it’s from a legitimate source; check domain names and look at SSL certificates to protect from “man-in-the-middle” attacks; and organizations that have a large customer data should protect themselves and find solutions “that will take out the human error from the equation,” and ensure emails received within the organization are safe to open.
Morgan said there are at least five key points that should be taken into consideration moving forward when it comes to preventing attacks.
“Cross train IT workers onto cybersecurity. There’s a sever cybersecurity labor shortage and companies will remain short-staffed unless they start cross-training,” he said. Morgan added that training employees to become more security aware is also a must, which “will increase security by an order of magnitude at organizations globally in 2018.”
Other preventative measures Morgan said that are important to implement includes backing up data “continuously.”
Patching software and not paying ransoms round out the five key points in preventing attacks.
“Ransomware authors write the nastyware because they believe companies and individuals will fork over ransoms,” he said. “Cybercriminals are financially motivated, especially when it comes to ransomware. If their perceived compensation goes away, then it will seriously cut down on the ransomware epidemic we are experiencing.”

Cybersecurity outlook 2018: mergers and acquisitions

While working to prevent cyberattacks is–indeed–the main focus of cybersecurity, there are other things to watch for in the market as well.
As noted in Cybersecurity Ventures’ Mergers and Acquisitions report, over 50 m&a’s were sliced in Q3 of 2017 and, by the looks of it, a number of tech giants will be looking to continue the trend moving into the year ahead.
“We will see more large technology vendors push into the cybersecurity market via acquisitions,” said Morgan.
While industry mammoths like IBM (NYSE:IBM) and Cisco (NASDAQ:CSCO) have already “built up” their $2 billion security businesses, Morgan said, other technology companies will likely be playing catchup to those companies in 2018.
“Any major IT player needs to be a cybersecurity player in 2018. CIOs want as few vendors as possible. There’s been a line drawn in the sand between IT and security, and that’s going to get very blurry in 2018,” Morgan said.

Cybersecurity outlook 2018: overall market growth

Research from Markets and Markets points out that the overall cybersecurity industry is expected to grow from $137.85 billion in 2017 to $231.94 by 2022, increasing at compound annual growth rate of 11 percent.
“The major forces driving the cybersecurity market are strict data protection directives and cyber terrorism,” the research note states.
In 2018 alone, Gartner research projects that worldwide cybersecurity spending will reach $96 billion–an eight percent increase–due to regulatory changes, mindset and “a growing awareness of threats.”
“Overall, a large portion of security spending is driven by an organisation’s reaction toward security breaches as more high profile cyber attacks and data breaches affect organisations worldwide,” said Ruggero Contu, research director at Gartner.
“Cyber attacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years.”

Cybersecurity outlook 2018: companies to look out for

While it’s hard not bringing up  cybersecurity mammoths like IBM, Raytheon Company (NYSE:RTN), Cisco (NASDAQ:CSCO) and Palo Alto Networks (NYSE:PANW), there are smaller market cap companies for investors to look out for.
Canadian-listed VirtualArmour (CSE:VAI) is making waves and currently working on “the development of Blockhouse, an enhanced, fully managed Enterprise Security Solution based on blockchain technology.”
Patriot One Technologies (TSXV:PAT;OTCQB:PTOTF) is focused on commercializing a system to detect concealed weapons using radar technologies. The system provides first responders and security personnel time in active threat scenarios and offers stand-off detection of concealed threats in public situations.
Other small market cap publicly traded companies that are on Cybersecurity Ventures’ watch list include: Absolute Software (TSX:ABT); Cyren (NASDAQ:CYRN) and Finjan Holdings (NASDAQ:FNJN), to name a few.

Cybersecurity outlook 2018: investor takeaway

All told, while the rising threat of cyberattacks is imminent, investors can take solace in knowing there are plenty of ways to take action in preventing them.
What’s more, as noted above there is a wide range of cybersecurity companies ready to step in and taken action where need be–making it an attractive space for investors to put their money.
Don’t forget to follow us @INN_Technology for real-time news updates!
Securities Disclosure: I, Jocelyn Aspa, hold no direct investment interest in any company mentioned in this article. 
Editorial Disclosure: VirtualArmour is a client of the Investing News Network. This article is not paid-for content.
The Investing News Network does not guarantee the accuracy or thoroughness of the information reported in the interviews it conducts. The opinions expressed in these interviews do not reflect the opinions of the Investing News Network and do not constitute investment advice. All readers are encouraged to perform their own due diligence.